Facebook.com's mastermind, Mark Zuckerberg, at his office in Palo Alto, Calif., in 2007.

Paul SakumaAP

Viewed out of context, recent Washington revelations paint a disturbing portrait of the vast amount of electronic data the nation's spy agencies are collecting. But the blockbuster news stories belie a simple truth: Personal privacy rights have been under sustained assault since well before the Sept. 11 terrorist attacks. And it's not just government that's vacuuming up information.

Dating to the early 1990s, growth in electronic commerce has been facilitated and driven by advances in data collection and storage. What we read, where we live, what we buy, whom we call, what music we listen to, what movies we watch in our homes, the names of childhood pets and mothers' maiden names — all of it, and much more, now lives on a server farm somewhere

What many consumers don't know, however, is how aggressively Big Tech has moved to track and combine the data to build user profiles. As for the growth of the national security state and its snooping habits, even as its tentacles have expanded there have been few signs of political backlash.

Here are some notable milestones over the past two decades that help explain how we got to this point:

1994: The birth of the cookie

Netscape is credited with inventing the browser "cookie," the innocently named little computer file that enables firms to build a profile of a user by recognizing and tracking his or her Web surfing behavior.

The Electronic Privacy Information Center reviews 100 of the most frequently visited Internet sites and reports in June 1997 that only 17 have explicit privacy policies. None meet basic standards for privacy protection, according to the public interest research center.

"We were not able to determine whether web sites are linking data collected on-line with other databases," wrote EPIC. "This classic computer matching technique is oftentimes one of the first indicators of a privacy problem. It is also likely to emerge as a significant issue in the near future."

Six weeks after the Sept. 11 terrorist attacks, President George W. Bush signs the Patriot Act into law. The bill, which grants broad new surveillance powers to law enforcement and intelligence agencies, is designed "to identify, to dismantle, to disrupt and to punish terrorists before they strike."

After passing both the House and Senate by wide margins, the Patriot Act widens the scope of the Foreign Intelligence Surveillance Act, or FISA, and includes a variety of provisions that allow for expanded data collection and surveillance by government, as well as disclosure of electronic communications.

The system, known as "Total Information Awareness," is designed to use data mining techniques to find hidden patterns of activity from vast troves of Internet mail information, credit card and banking transactions, and government documents.

Aside from concerns over its scope, the Orwellian ring to the program's name proves problematic. Within months of the initial headlines revealing its existence, it's changed to a less threatening moniker: "Terrorism Information Awareness."

2005: Warrantless surveillance

The New York Times reports in December 2005: "Months after the Sept. 11 attacks, President Bush secretly authorized the National Security Agency to eavesdrop on Americans and others inside the United States to search for evidence of terrorist activity without the court-approved warrants ordinarily required for domestic spying, according to government officials.

"Under a presidential order signed in 2002, the intelligence agency has monitored the international telephone calls and international e-mail messages of hundreds, perhaps thousands, of people inside the United States without warrants over the past three years in an effort to track possible 'dirty numbers' linked to Al Qaeda, the officials said. The agency, they said, still seeks warrants to monitor entirely domestic communications."

2006: Facebook launches News Feed

In September 2006, Facebook, the popular social networking service, launches its new News Feed feature, which broadcasts changes members make to their Web profiles to the pages of others in their Facebook social networks. After an uproar, fueled by complaints about the invasiveness of the feature, Facebook quickly apologizes and lets users disable or modify it.

A year later, Facebook again angers users with the introduction of Beacon, a program that sends news alerts to users' friends about which goods and services they purchased online. After widespread criticism and a class-action lawsuit, Beacon is shut down in late 2009.

2007: Google launches Street View

A new feature of Google Maps, Street View enables users to view and navigate within 360-degree panoramic street-level imagery of various U.S. cities.

"With Street View users can virtually walk the streets of a city, check out a restaurant before arriving, and even zoom in on bus stops and street signs to make travel plans," says Google in a May 29 announcement.

The remarkably detailed imagery immediately sparks a privacy debate, but it takes a back seat to a later revelation that Google's Street View cars — the ones taking the photos — had also collected sensitive personal information from wireless home networks.

The company tells Federal Trade Commission investigators that it had mistakenly collected the data. "We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users," the company explains. Google outlines the problem and the plans to fix it in a blog post.

2008: FISA amended

Congress passes the FISA Amendments Act in July 2008, expanding the federal government's surveillance powers and giving immunity to telecom companies that assist in a warrantless surveillance program.

2009: Facebook changes the rules

Tens of thousands of Facebook users protest against terms of service changes that allow Facebook to use anything uploaded to the site at any time, even after users have deleted their profiles and left Facebook.

After the backlash, the company reverts to its original policy and issues a statement of rights and responsibilities surrounding its relationship with users.

2011: Bad Buzz

Google agrees to settle Federal Trade Commission charges that it used deceptive tactics and violated its own privacy promises to consumers when it launched its social network Google Buzz in 2010.

Google had received thousands of complaints from users who were concerned about public disclosure of their email contacts which included, in some cases, ex-spouses, patients, students, employers or competitors.

The settlement calls for implementation of a comprehensive privacy program, and for regular, independent privacy audits for the next 20 years, marking the first time an FTC settlement order requires a company to implement a comprehensive privacy program to protect the privacy of consumers' information.

"Our new Privacy Policy makes clear that, if you're signed in, we may combine information you've provided from one service with information from other services," Google writes. "In short, we'll treat you as a single user across all our products, which will mean a simpler, more intuitive Google experience."

2012: FTC vs. Google, again

Google agrees to pay a $22.5 million fine to settle allegations that it violated terms of the settlement order it signed in 2011 surrounding Buzz. The Federal Trade Commission levied the penalty on Google — the largest ever imposed for violating a commission order — for misleading millions of users of Apple's Safari Web browser about tracking their online activities.